Pages

Sunday, September 28, 2008

Thursday morning I decided to switch sessions, Mogens Norgaard's for Tanel Poder's session. I had to queue up, because the room was fully booked, but not everybody showed up, so all people in the line-up could enter the room. I sure was glad I switched, as this was the best session at this conference for me. The title was "Advanced Oracle Troubleshooting: No magic is needed - a systematic approach will do". He outlined a systematic approach to answer the question "What the $#*&%! is that session doing?". My personal favourite SQL*Trace collects all work done for one process or single query, but this isn't any good when the process or query doesn't return results. And that's exactly what this method was about. Tanel showed his collection of scripts that makes the querying against v$session_wait, v$session_event and v$sesstat a lot easier. And when that doesn't help, there's always the process stack of course :-). And actually it is a lot easier than it looks initially, especially with Tanel showing it. All qer... calls are just query execution row source lines, corresponding to row source operations you see in your execution plan. The meaning of each individual line can be looked at MetaLink note 175982.1. A lot of eye-openers in an awesome session. You can find the material he used here on his blog.

Then I went to see the "Oracle ACE Director Birds-of-a-Feather Tips and Techniques Panel" by Oracle Aces Lewis Cunningham, Arup Nanda, Tim Hall, Eddie Awad, Mark Rittman, Hans Forbrich and Bradley Brown. All attendees could write a question on a piece of paper, the papers were collected, Lewis read the questions and the panel answered them. Didn’t hear anything new, but it was entertaining.

Next session was Juan Loaiza session called "Oracle Exadata Architecture Overview". He explained the techniques behind the Exadata concept in more detail, even the physical layout. In short it ships less data through pipes by using smart scans (see this whitepaper), has more pipes and has bigger pipes using Infiniband. It is designed to gracefully tolerate cell brownouts. Not really relevant to an average developer, but the concept of smart scanning can be relevant when trying to understand how queries are executed in this architecture.

Then Chen Shapira’s unconference session about Streams. She explained the Streams concepts Capture, Propagate and Apply. In the OTN Streams Forum she participates in, a lot of questions are like "I configured Streams exactly like it said in the documentation, but it doesn’t work. Help!" and that’s why she spent the main part explaining how to troubleshoot, using a live demo. It’s about systematically checking all parts. Initially the source must be equal to the target. Start with Capture; check dba_capture.status to see if it is enabled or look at the alert.log to see if anything is wrong. For Apply, check the automatically created error queue. And then check the rules. I entered the session only knowing Streams is something about replication with redo logs using Advanced Queueing under the covers, and now I think I actually understand the whole process conceptually and I know where to look when something doesn’t work. So the session was very good. Check out her blog for more details on Streams and this session.

The last session of Oracle OpenWorld was Gaya Vaidyanatha’s "Oracle Performance Management: Real-World Case Studies". He’s the guy who invented the term Compulsive Tuning Disorder, explained in the "Oracle Insights: Tales of the OakTable" book. The session was a collection of war stories where the developer – of course – did something extremely stupid, how he detected the problem in the trace files and what the solution was and how much it solved. And how he made many hardware vendors extremely pissed off with his advice. Gaya is an excellent speaker: strong voice, charismatic and humorous. So this was an entertaining end of Oracle OpenWorld.

Looking back at Oracle OpenWorld I think it was a fantastic event. It’s a great place to meet like-minded people you know from the articles, blogs and OTN forums. There were a lot of very good sessions, but you have to choose them carefully or you'll end up in some marketing talk. Also compliments to the team who organized the event. I cannot fathom the work that needs to be done to make this all happen, but they did. And of course, thanks to my manager Roel, for allowing me to visit Oracle OpenWorld! Next year again?

Friday, September 26, 2008

Before going to some sessions I had a walk around the two exhibition halls for the first time. Not very interesting for me: a lot of vendors exhibiting and some game rooms. The demo grounds were more interesting although it was a little bit too busy. I managed to see a preview of SQL Developer's data modeling extension, but more on that later. I was a little disappointed for not seeing a stand for PL/SQL as I would have liked to express my wish to people of the PL/SQL team to extend the sql%bulk_exceptions array with the actual error message (see this post). I had seen Bryn Llewellyn walking around in Oracle OpenWorld though.

Next I arranged to meet my ex-colleague Hans Driessen and drank a smoothie. Anjo Kolk was also supposed to be there, but he was having a hard time after Mogens' party last night according to Hans ...

The first session was Mark Drake's "Oracle Application Express and Oracle XML Database: A Match Made in the Database". Carl Backstrom was on stage too, to answer some APEX related questions. The session showed how to present XML content in APEX screens. When you just select the XMLTYPE column you'll not see the contents. Using XMLSerialize the results are a little better, but all the tags in the XML are then interpreted by the browser and effectively removed from the screen. Using XMLTransform the tags are visible. In a last variant, that I didn't manage to write down, the XML appeared all nicely. I thought the session was pretty good, although I would still have to look things up when I need it.

Next session was Rene de Vleeschauer's "Database Data Modeling with Oracle SQL Developer". Entity relationship modeling and logical data modeling can be done within SQL Developer now. However, it will be a non free option whereas SQL Developer itself is free of charge. You can import existing data models from Designer - both ERD and server models -, Erwin and from Oracle Warehouse Builder. It supports all database objects, even some less common ones. Creation scripts and alter scripts can be generated from the models. It looked like it can replace Designer's data modeling side completely. So, good work!

Now it was time for Larry's big announcement. Although there are TV screens all across the buildings, I wanted to experience it myself and went to Moscone North, hall D. I certainly wasn't alone: roughly estimated 7000 people also saw the show. Due to my bloggers pass, I had a nice seat in the center amidst press, analysts and other bloggers. Larry announced the Exadata Programmable Storage Server and the HP Oracle Database Machine and promised at least 10 times faster results. For an outstander it must have looked pretty nerdish: 7000 business people and techies applauding and cheering for a 4 crate high intelligent storage array on stage. For the large companies out there it should be spectacular though.

Then one last session, "Managing Very Very Large XML Documents with Oracle XML Database". I had a hard time hearing the story and the slides were hardly readable, so I quickly lost interest.

In the evening we all went to Treasure Island, between San Franciso and Oakland, for the appreciation event. An impressive event, to say the least. Good food, a nice boardwalk carnival and six artists, of which I saw four: the Psychedelic Furs, Seal, Elvis Costello and UB40. I had a good time and met quite a few more people whose blogs are in my Google Reader. Came back at the hotel at half past twelve.

Wednesday, September 24, 2008

Tuesday was very diverse. I missed the 9AM session called "How to hack an Oracle Application Express application", because I wanted to finish my previous blogpost. However, before the third session started, I heard two people behind me talking how great this session was ...

So the first session I attended was Tom Kyte's keynote "The best way ...". I'm more a fan of technical sessions than keynotes, but this one was ok. He talked about best practices, that can only be good in your situation when the contexts are equal. If not, a best practice can easily be a nightmare. An example was the query "select * from t1, t2 where t1.id = t2.id and t1.small_distinct = :x". Two explain plans, one using two full table scans and a hash join, the other using index range scans, table accesses by rowid and a nested loop. Which plan is better? The answer is "it depends on the context". In a batch you definitely want the hash join to fetch all thousands of rows, but in an interactive application where you are only interested in the first row(s), you definitely want the indexed one. A quote I liked was "Don't tune a query - tune a process, an algorithm or the entire approach". Too often it occurs that a slow query can be tuned by not executing the query at all. I also liked this picture of Tom's favourite saying "Question Authority".

The next session was "Advanced Performance Diagnostics: What the GUI doesn't tell you", by Kurt Engeleiter and Jon Waldron. I didn't know the speakers, but the title looked interesting: advanced and something about numbers or statistics that are not visible through GUI's. They not only looked interesting to me: the room was full. However, the session was a big waste of time. Nothing advanced, only powerpointing through some basic AWR and ASH facts. And to top it off, I couldn't even follow the second speaker because he talked so fast with an Australian accent. Lesson learned: pick sessions more carefully and pick the ones from speakers you have heard of and know they are good.

Next in line was Steve Muench's "Oracle Application Development Framework 11g: New Declarative Validation, List of Values, Search and Services Features". The title says it all, I have nothing to add :-). Well ok, it was a good session with lots of new nifty features, clearly explained. The things that weren't clear, was not because of Steve's explanation, but because of my limited ADF knowledge. Declarative client side validations are great in general - provided they are validated in the database as well of course - and ADF 11g has delivered lots of it. APEX guys, please keep up!

I decided to skip Patrick Wolf's session "The Power of the Oracle Application Express Repository" in favour of Marcelo Ochoa's unconference session about REST webservices. He had only two attendees, so we got a private session about the differences between the SOAP and the REST protocol. The latter is capable of caching requests in a proxy due to an expiry date header and skip the XML-ish stuff, thus saving a lot of traffic and work. Next I talked with Marcelo about his DBPrism project. This software can be used to replace the mod_plsql engine of APEX and thus have proxy authentication inside APEX. According to Marcelo several companies already use his software for this reason and he never received bug reports, so it should be good. You can see the announcement on his blog here. I will definitely have to try it to see what's possible and what's not.

The last session was Frank Nimphius' "Oracle Application Development Framework Web Application Security by Example". He showed several ways to implement client side security. The whole session I was thinking about why not implement this stuff in the database. Fortunately, in his last slides he recommended to do this as well, using features like VPD and database proxy authentication. Another plus was the live demo.

Now we'll have to wait for Larry's big "extreme performance" announcement tomorrow ...

Tuesday, September 23, 2008

Monday started kind of funny. On Sunday, Chen pointed out an unconference session to me about the SQL and PL/SQL forum, saying semi-seriously "this one is about you". My first regular session started at 11:30 AM, and this one at 11 AM, so I decided to have a look what Greg Pike had to say about the forum. His point was that he was amazed at the speed and the quality of the answers in the SQL and PL/SQL forum, but there isn't a good way to search or extract the greater threads. And then he went on to discuss several ways to get to the great information. Some of the ideas we discussed were: daily email or a yearly book with just the great threads, or a rating system that actually works by letting the regulars vote or not showing threads without an answer. Anyway, to show why the forum is great, Greg showed a particular thread he participated in about a quite complicated query combining string aggregation and counting. He was impressed by the answers ("these guys are unbelievable"), and went on to show all the given alternatives by Warren Tolentino, Nicolas Gasparotto, Rob van Wijk and michaels, solving the problem with hierarchical queries, model clause and xmldb stuff. He didn't know my name, which was amusing to me. But half way through, Lewis Cunningham exposed me. "That model clause query ... that's (pointing to me) the guy." It was weird for me though to see my name and query being mentioned in a presentation in San Francisco.

Because of this unconference session I arrived too late at Chris Muir's "Back to Basics: Simple Database Web Services Without an Application Server". He was showing several ways to call webservices from within the database, using utl_http and utl_dbws. And he was talking about 11g's native web services. Unfortunately I knew all this stuff already and was hoping to hear more about all the options and parameters that have to be set. But instead he walked through some code that is available, and copied a lot I guess, on the internet. The session would have improved a great deal if he had used a live demo, showing how it works, and showing the differences in the parameters like document_style, soapaction_uri.

Next session was Roel Hartman's "Developing a Real-World Logistic Application with Oracle Application Express". He told us about a Forms application that needed a new frontend and where he got to show an impressive prototype using APEX. When using no custom code, Oracle Forms has a richer user interface than APEX. Roel showed what he had done to have APEX reach that same level using direct validations, a useful calendar, a better LOV and code to automatically show a description when a code is entered. After applying these techniques, the user interface was as good as Forms'. But the best part was about a plan board in APEX. Roel had created a matrix screen, with the trucks and the days on both axis. The planning of the shipments/containers was done by dragging and dropping a square box in a cell. Looked really cool! Roel will post some or all of this code on his blog shortly.

One of the session I definitely didn't want to miss was "Performance Fundamentals for Oracle Database 10g and Oracle Database 11g", by Graham Wood, Uri Shaft and John Beresniewicz. It was on my list primarily because of the speakers, but I should have taken a closer look at the title and especially the word "fundamentals". The session was not as advanced as I had hoped for. Although it was impressive to see how they calmly explained the concept of time in the database and gradually expanded on that theme. When watching Enterprise manager or ASH graphs, you might feel overwhelmed at all the terms, but with these guys explaining db time, actual wait time, recorded wait time and time on runqueue, it seems just SO trivial. As said earlier in this post, 11g has quite a few extra useful columns stored as part of ASH data, like row source, execution_id and operation_type, making the data collection phase of performance tuning even easier.

Then it was time for two Application Express sessions. First was Simon Boorsma's "Application Express Mashup". I had heard of the term mashup before, but I really didn't know what it was. This session did a great job at explaining it. It's about grabbing content on the internet and displaying it on your own page. Categories of mashup's are news, search & shopping, video & photo and mapping. The great benefit of mashup's - according to Simon - is the enhanced user experience. One example was an APEX address form that shows a google map of that address in a separate region. Another one was about adding photo's, which unfortunately didn't work, but you still got the idea. The disadvantages shouldn't be neglected however: you are now dependent on other site's availability, quality of service and performance, and there might be security and legal issues.

Last session of the day was Carl Backstrom's "Web 2.0 Development with Oracle Application Express". He started the session, or in fact any session, with an explanation of "your three best friends": $x, $v and $s for handling DOM tree elements (exists, get value and set value). The coolest thing about the session were the live demos showing how things worked under the covers. I will definitely use the console more for debugging purposes now. At the end Carl pointed out several features that will likely be in 4.0, like jquery, more JSON and namespaced APEX.

Then off to the Hilton Hotel for OTN night, together with Nicolas. We had some food (including dutch "rookworst"!) and drinks and met with John Spencer.

Monday, September 22, 2008

The first day at Oracle OpenWorld 2008 was great. I arrived early at 8.30 AM, although my first session started at 10.00 AM, so I had the time to register, explore the territory and take some photographs. The cable to connect by camera to my laptop is left at home unfortunately. I will put some photographs here when I get back home. My first impressions are that it is a huge and very well organized event. The Moscone Center and the Marriot Hotel where the sessions are held are impressive buildings, especially inside, with their very high ceilings.

UPDATE

Here are some of the photos:

The first session I attended was by Tanya Baccam and was called "Oracle Security Risks" in my agenda, but the real title was "Application Vulnerabilities and the Oracle Database". I hadn't heard of the speaker before, but she was articulate - important for us non native speakers! - and very good at explaining the several security concepts. It gave me a nice overview of the things we should have in mind when developing applications. Often things you might not be aware of. Things like error messages shouldn't give too much details. If the error message on authentication is "Password is not correct", you are really saying to the hacker "You got the username right!". So better use "Login failed" or something like that. Or session identifiers. If the hacker knows this identifier, he can enter the application like someone else, so you'd better ensure you have a session identifier that cannot be acquired by doing a brute force generation of these identifiers. And of course, concepts like SQL injection and cross site scripting were also presented. Tanya also showed a way to exploit weaknesses in Oracle Forms applications. I will have to try that one at my client when I get back home, to see if they are vulnerable as well :-). Another nice tip for me was about using DBMS_ASSERT in validation checking code.

Next session was Tom Kyte's "All About Encryption". He started of powerpointing through several possibilities of doing encryption. dbms_obfuscation_toolkit is for version 8 and 9 and is now obsolete because it uses varchar2's which are vulnerable to changes in character sets. The dbms_crypto package from version 10 has binary output and is therefore better than the dbms_obfuscation_toolkit package. The other two concepts Tom explained were column level encryption and tablespace level encryption. And then the session turned from good into great: he opened up SQL*Plus and used several scripts to show how the encryption is done and comparing the alternatives on block consumption and performance. A thing to remember is watching out for index range scans on encrypted indexed columns: where last_name = 'KYTE' will be able to use an index because the optimizer will first encrypt the constant as well, but using where last_name like 'K%' will not be able to use an index range scan, since the "K" rows are scattered around the index due to the encryption. For me, this was the best session of the day. And be sure to watch Tom Kyte's blog, because he received an interesting question at the end of the session, asking if the information in temp is encrypted as well.

The third session was "BEA Aqualogic & Oracle Fusion Middleware Shootout" by Lonneke Dikmans and Ronald van Luttikhuizen. I missed this session during the Preview sessions in the Netherlands, but I heard good comments from a colleague who did attend the preview. The session was great for me in terms of catching up with the latest abbreviations and concepts in service oriented architecture. Both technology stacks had their strong points and weaknesses. One such weakness that was spotted is that repeating process steps in BPEL have to be copied; a circular reference was not possible, making it harder to communicate these process flows with end users. Another lesson learned - again - was not be overwhelmed by all the new terms; it's the same concept we've been knowing for years: workflow, just with a new coat. The thing that worries me though, is that performance and scalability is often discarded. This session was no exception. The amount of data that has to be processed in modern systems increases rapidly. Yet I see some really lengthy XML structures being passed back and forth for even the most simple tasks. And then there must be a lot of metadata that has to be dealt with under the covers, like recording where my process is now. How scalable will this be? Anyway, at the end of the session all pros and cons were listed. There wasn't a clear winner.

The remaining part of the afternoon was spent being a tourist in San Francisco, together with Chen Shapira. We had pre-arranged to do a walking tour, since she also had some time to kill until the bloggers meeting at 7PM. She lives in the Bay area, so I didn't have to worry about getting lost :-). It was a really nice tour, along the financial district, Embarcadero with its great views, little Italy and China Town. San Francisco is a beautiful city with lots of different styles all mixed up. It looks more like a European city to me than an American one.

Then it was time for the bloggers meeting. Seeing the faces and meeting the people behind the blogs I read was really nice. Here, at the other end of the world, I've finally met Nicolas Gasparotto, who currently lives only 30 kilometres from me in the Netherlands. And I've met Hans Forbrich and many more. Thanks Eddie, for the organization!

Saturday, September 13, 2008

The CDM classification scheme has divided the change event rules into two categories: change event rules with DML and without DML. Since I have the same advice for both of these categories I am elaborating on them both in the same post.

Simple default value rules

These are implemented declaratively by specifying a default value clause for a column. When you don't specify the column during insert, the default value will be assigned. Note that the default value will not be assigned when you specify the value explicitly as null during insert.

These change event rules are typically worded as "If A happens, always do B". The categories differ in what B is: Is it a complex default value, regular DML, or something outside the database.

In order to never forget that B should happen, a database trigger may sound tempting. But it is like smoking. One cigaret might make you look cool and will not harm your body much, but do it consistently and you are coughing all day and your lungs are black inside. You will end up in a situation where nobody understands all ramifications when you put that enddate in your contracts table. Maintenance costs will rise, because developers constantly get confused about unexpected code behaviour. And eventually the system will have to be replaced because it is just too complex and expensive to get anything done.

And then you have the performance considerations, because everything gets done row by row. And for the change event rules without DML, there is an extra trap as well when doing non-DML stuff that cannot be rollbacked. You'll be sending that email when in fact the update was rollbacked and just never took place. Or because of write consistency you might end up sending that email twice.

So the advice here is simple: don't ever implement these kind of rules using database triggers.

Code them in your api's. In the same way as I explained the api approach in the earlier blogpost about Implementing entity rules. Imagine to just read your end_contract procedure and seeing a series of procedure calls with clear names. And I've said it before in the database triggers are evil post: you make sure nobody bypasses the api by not granting table privileges to anyone, revoking the create session privilege after each install and patch in the owner schema. Only execute privileges on your api are granted.

Inspired by this OTN post from michaels, I realized I can also do the unpivot query from Simulating print_table with unpivot with just grouping sets functionality. So you won't have to wait until 11g, because grouping sets became available somewhere in the 9i range. The equivalent query is this:

Thursday, September 11, 2008

This evening (and late afternoon) AMIS gave 9 speakers a chance to prepare their Oracle OpenWorld sessions for their Dutch peers. Three parallel tracks with three sessions each. You can read the official introduction for these sessions here. I decided to visit the three database oriented sessions, but some other sessions looked interesting as well. I'll check the feedback on those other sessions and maybe visit them in San Francisco. Although it is kind of odd to travel all those miles to hear a session you could have heard next door as well.

The first session I attended was Gerwin Hendriksen's "Jumping the GAPP". He presented this session during this year's Hotsos Symposium for a audience of 350 people with some of the world's leading performance experts, where it was received very well. Today he explained it in a little meeting room in front of just 4 attendees ... In short (and oversimplified), he explained a concept to do performance analysis on business processes based on past performance and utilization metrics. Data mining techniques are used to accurately pinpoint the bottleneck. Oracle has the DBMS_PREDICTIVE_ANALYTICS package to assist you with that. I can really recommend this session. You'll not get a spoonfeed implementation, but "just" a thought provoking concept. His session is at Sunday from 11.45 - 12.45 at Marriot, Golden Gate C3.

The next one was by Frits Hoogland about Automatic Storage Management. As a developer I was hoping to get some kind of introduction, but it was immediately about SAN's, OMF, spindles, AU's and the like. He dove quite deep into some of the mechanics, explaining pros and cons of ASM realistically. Frits obviously knows what he is talking about and is passionate about it. His session is on Thursday from 9.00 - 10.00, Moscone South, Rm 303. It's after last evening's appreciation event and competing with Tanel Poder's session, so it will be hard for him to fill the room. But if you are into storing mechanisms, this session is a must.

The last session was called "Real-World Experience with Oracle XML Database 11g: An Oracle ACE’s Perspective" by our national XMLDB expert Marco Gralike. He excused himself more than once for this title: he did not come up with it himself. This session is intended to be a bit of everything. He touches all kind of aspects about XML(DB) and gives his opinion about it. I have some basic XMLDB knowledge, so some parts were right for me, some were trivial and he lost me on several other parts. My guess is that this will be true for everybody, dba or developer, newbie or expert. You'll get something out of it. This session is on Tuesday 14.30 - 15.30 at Marriot, Salon 12/13. His other session on Sunday is already fully booked.

Last Friday I finally got approved to visit Oracle OpenWorld as a blogger. It came as a surprise, because I had to wait 5 weeks for the approval. This can be fine if they had said in advance that an approval process can take up to 5 weeks. But without such a notice, it's hard to imagine why judging that a blog is indeed about Oracle and is not brand sparking new, can take that long. During those weeks I thought I had messed up my registration. Especially since I didn't fill in the blog's URL anywhere initially. Turned out you had to use the "Company name" field for the URL. But all is well now; I saved my company 2000+ dollars for a full conference pass. Which is still like some 100 euros nowadays :-).

The flight and hotel are booked as well. The hotels nearby the Moscone Center were already booked, and the closest one available was 14 kilometres (9 miles) away. It is not even called San Francisco anymore, but Brisbane. I think it must have a nice view at the San Francisco Bay though. On the other hand, this photograph makes me a little worried about being able to sleep if airplanes are flying this close. So if you see me yawning, it doesn't necessarily mean the presentation is boring...

It's hardly possible that a session is boring. There are just so many good sessions to choose from. At any time I will have a hard time choosing between several interesting ones. I filled up my entire schedule with presentations. At the end I realized that I completely missed all Oracle Develop sessions. And these are - most of the times - even better than the regular ones. And then there's the unconference. This will likely lead to some rescheduling as well. So I have decided to pick out only a few sessions I don't want to miss. At other time slots I have not decided anything yet. If you have some good tips about sessions or activities you think I am or should be interested in, I'd like to hear about it.

What a crappy software by the way, this schedule builder. It's Oracle unworthy. In my opinion, the user interface should be such that we can choose a time slot and then the software provides a list with the available sessions. Now you just get a huge list where titles don't fit into the box. To see the entire title of a session - and more importantly: the speaker - you have to double click the line. A popup box then appears which you cannot close, because the title is on top of the close button most of the time. You have to enlarge the box to separate the title from the close button. To be able to enlarge the box, it's possible you'll have to move the box a bit to the left. Oh well, it's better than having no such facility at all.

Enough whining, I'm going to OpenWorld for the first time and I am really looking forward to it!

Thursday, September 4, 2008

Just finished a three day APEX training by John Scott and Dimitri Gielis of Apex Evangelists in my home city. It consisted of 10 one-and-a-half-hour presentations, one hands-on session and a quiz. The topics of the 10 presentations were well chosen. No time was wasted by explaining basic stuff. Instead they focused on some lesser known topics you won't necessarily encounter, like AJAX and JavaScript, customizing templates, security and debugging, to name my favourite ones. Unfortunately, there were also a few that I thought were either less interesting, a bit long winded or not properly explained. But overall it was interesting and I had lots of "wow, I didn't know this was possible as well" moments.

The best part - I think - was the hands-on session. There is no better way of learning than doing things yourself. Especially since the topic here was AJAX/Javascript, two areas I am not too familiar with. So this was a great opportunity to experience how relatively easy it is.

The quiz was hilarious at times. I can imagine the fun John and Dimitri must have had when coming up with some of the multiple choice options. The quiz was won by Rutger de Ruiter, who was just started a new APEX blog as you can see in the link.

If you have a little experience with APEX and want to learn more of this product, that is so nicely integrated with our beloved Oracle database, then I can definitely recommend this training.

One wish though: I have seen several "killer" features, as Dimitri likes to call it. But my killer feature would be to have APEX do real database authentication using proxy authentication. As it is now, you are always "APEX_PUBLIC_USER" in the database, or the user you specify in your database access descriptor. It would be so nice to be yourself, so features like auditing, database roles and privileges and virtual private database etcetera, would work out of the box. And yes, I know you can code around it using v('APP_USER'), but I like things as simple as they need to be, and coded or configured once: inside the database.